Your app will need to be able to speak to persona (for server-side validation and logout). You will need the webmaker-loginapi https://github.com/mozilla/node-webmaker-loginapi module installed to accomplish this.

Also note that the login API requires that the username:password combination that you use to create your loginapi instance with needs to be known by the login server you are accessing. As such, you will have to make sure that it is one of the possible username:password combinations specified in the login server's environment variable ALLOWED_USERS.

Also, it is recommended to not hardcode the loginapi's endpoint with user credentials in your app, but to use an environment variable that you refer to in the code: var loginapi = require("webmaker-loginapi")( expressInstance, optionsObject );.

Ensure that you're using the correct values in your local .env file, make sure that the URL of your app is included in the ALLOWED_DOMAINS for this app. (For production and staging, these values have already been fixed to the webmaker.org production and staging domains).

For example, if we're integrating SSO into two apps running at http://localhost:8888 and http://localhost:7777, with the Login server running at http://localhost:3000, you would need to include the following in the .env of login.webmaker.org:

You can specify custom event handlers to be triggered after the user bar logs someone in or out (in order to effect UI changes for your app, for instance). This requires setting up a navigator.idSSO.app object in the following manner:

<script>

navigator.idSSO.app ={

onlogin: function(loggedInUser, displayName){

// your code here

},

onlogout: function(){

// your code here

}

};

</script>

Note that you do not need to provide both event handlers; if you only need one, the other can be left out without leading to any errors.

Add webmaker-loginapi to your package.json, and follow its instructions in the README at https://github.com/mozilla/node-webmaker-loginapi. The module will give your app a new route, /user/:userid, which can be used to get a user's Webmaker username.

Calling the route with a Persona email as userid will either set a session value req.session.username to the user's Webmaker username, if they have one, or will not add the username property on req.session, signalling that the user is either unknown entirely, or does not have a username associated with his or her Persona login. For more detailed information, see the node-webmaker-loginapi repository.